Abstract: One embodiment of the present invention includes a server machine configured to establish a secure communication channel with a client machine via renewable tokens. The server machine receives a plurality of messages from a client machine over a secure communication channel, where the plurality of messages includes a first message that includes at least two of user authentication data, entity authentication data, first key exchange data, and encrypted message data. The server machine transmits, to the client machine, a second message that includes a master token comprising second key exchange data associated with the first key exchange data and at least one of a renewal time and an expiration time.

Abstract: Embodiments of the present invention include techniques for reestablishing a secure communication channel between a client machine and a server machine. A client machine receives, from a server machine, a first message generated in connection with a first master token. The client machine detects an error condition associated with the first message. The client machine transmits, to the server machine, a second message generated in connection with a pre-provisioned key that includes a request for a new master token. The client machine receives, from the server machine, a third message that includes a second master token. The client machine transmits, to the server machine, a fourth message generated in connection with the second master token.

Abstract: One embodiment of the present invention includes an approach for efficient start-up for secured connections and related services. A client machine receives, via an application program, a request to send a secure message to a server machine. The client machine transmits a plurality of messages to the server machine that includes a first message comprising at least two of user authentication data, entity authentication data, key exchange data, and encrypted message data. The client machine receives, from the server machine, a second message that includes a first master token comprising a first set of session keys for encrypting and authenticating messages exchanged with the server machine.

Abstract: One embodiment of the present invention includes an approach for efficient start-up for secured connections and related services. A client machine receives, via an application program, a request to send a secure message to a server machine. The client machine transmits a plurality of messages to the server machine that includes a first message comprising at least two of user authentication data, entity authentication data, key exchange data, and encrypted message data. The client machine receives, from the server machine, a second message that includes a first master token comprising a first set of session keys for encrypting and authenticating messages exchanged with the server machine.

Abstract: Embodiments of the present invention include techniques for reestablishing a secure communication channel between a client machine and a server machine. A client machine receives, from a server machine, a first message generated in connection with a first master token. The client machine detects an error condition associated with the first message. The client machine transmits, to the server machine, a second message generated in connection with a pre-provisioned key that includes a request for a new master token. The client machine receives, from the server machine, a third message that includes a second master token. The client machine transmits, to the server machine, a fourth message generated in connection with the second master token.

Abstract: One embodiment of the present invention includes a server machine configured to establish a secure communication channel with a client machine via renewable tokens. The server machine receives a plurality of messages from a client machine over a secure communication channel, where the plurality of messages includes a first message that includes at least two of user authentication data, entity authentication data, first key exchange data, and encrypted message data. The server machine transmits, to the client machine, a second message that includes a master token comprising second key exchange data associated with the first key exchange data and at least one of a renewal time and an expiration time.